[CentOS] Re: DNS Server

Tue Jun 27 22:45:22 UTC 2006
Thomas E Dukes <edukes at alltel.net>

Hello,

Just wanted to thank everyone for their responses.  I called my ISP today
and they set up the reverse DNS without any teeth pulling involved.

Thanks!!!!

> -----Original Message-----
> From: centos-bounces at centos.org 
> [mailto:centos-bounces at centos.org] On Behalf Of Tom Diehl
> Sent: Monday, June 26, 2006 3:36 PM
> To: CentOS mailing list
> Subject: [CentOS] Re: DNS Server
> 
> On Mon, 26 Jun 2006, Paul wrote:
> 
> > On Mon, June 26, 2006 7:47 am, Johnny Hughes wrote:
> >> On Mon, 2006-06-26 at 07:38 -0400, Thomas E Dukes wrote:
> >>>
> >>>> -----Original Message-----
> >>>> From: centos-bounces at centos.org
> >>>> [mailto:centos-bounces at centos.org] On Behalf Of Johnny Hughes
> >>>> Sent: Monday, June 26, 2006 7:19 AM
> >>>> To: CentOS ML
> >>>> Subject: RE: [CentOS] Re: DNS Server
> >>>>
> >>>> On Sun, 2006-06-25 at 20:32 -0400, Thomas E Dukes wrote:
> >>>> <snip>
> >>>>
> >>>>>
> >>>>> So even if a service such as zoneedit, say they can do
> >>>> reverse DNS, it
> >>>>> won't work?
> >>>>>
> >>>>> I really don't understand how it can work in one direction
> >>>> and not the
> >>>>> reverse.  If they can keep up with my IP address and 
> match it to 
> >>>>> my domainanme, seems they could do the reverse.
> >>>>>
> >>>>
> >>>> OK ... rather than you staying confused on this issue, I 
> will try 
> >>>> to explain it in basic terms.
> >>>>
> >>>> DNS converts names to IPs (forward lookups) and IPs to names 
> >>>> (reverse lookups).
> >>>>
> >>>> A forward lookup is when you have a name 
> (www.abcxyz.com) and need 
> >>>> a number.  This this case, there is a domain owner and 
> that domain 
> >>>> has it's own DNS Zone.  The owner of that Zone can put 
> whatever IP 
> >>>> addresses
> >>>> (numbers) with names that they want in that zone.
> >>>>
> >>>> In the case of a forward lookup, there is no predefined 
> zone at all 
> >>>> ...
> >>>> you can have as many names as you want, and since people 
> pay for it 
> >>>> (the name), it stands to reason that will keep it 
> updated properly.
> >>>>
> >>>> A reverse lookup is different.  The standard for reverse lookups 
> >>>> break them down in "Class C" blocks (that is, the first 
> 3 groups of 
> >>>> numbers are the network number, the last group is the 
> host number).  
> >>>> If you have an ip address of:
> >>>>
> >>>> 192.87.99.234
> >>>>
> >>>> The network number is 192.87.99.0, the subnet mask is 
> >>>> 255.255.255.0, the host number is 234, and the reverse lookup 
> >>>> domain is:
> >>>>
> >>>> 99.87.192.in-addr.arpa
> >>>>
> >>>> All 254 host addresses in that zone are normally 
> assigned from the 
> >>>> owner of that zone from one machine.  If someone buys the whole 
> >>>> class C network, they get to control the zone, otherwise it is 
> >>>> normally controlled by the ISP that owns all the IPs.
> >>>>
> >>>> It is possible, but not usually done, to break up the 
> reverse into 
> >>>> smaller ranges.
> >>>>
> >>>> Tom Diehl has already mentioned RFC 2317:
> >>>>
> >>>> http://www.faqs.org/rfcs/rfc2317.html
> >>>>
> >>>> Using the techniques there, an ISP _CAN_ transfer 
> control of some 
> >>>> reverse lookup domains.  They will normally not do it unless you 
> >>>> have a fairly large network, however.
> >>>>
> >>>> I hope this helps you understand that forward zones are 
> designed to 
> >>>> easily break them down into 1 or 2 names ... but reverse 
> zones are 
> >>>> predefined and not designed for less than 1 class C 
> network blocks.
> >>>
> >>> Hello Johnny,
> >>>
> >>> I guess that makes sense.  It seems it would create too much work 
> >>> for the ISP to handle the reverse lookup for a single IP. 
>  If they 
> >>> dole them out that way, they should either do it or delegate them.
> >>>
> >>> All this is to operate a mail server without bounces.  Is 
> this why 
> >>> it recommedned to use your ISP's mail server as smarthost?  Does 
> >>> this mean I would be using the ISP's mail server for 
> outgoing mail?  
> >>> Or is it just 'stamped' with the ISP's name to prevent bounces?
> >>>
> >>> Thanks,
> >>>
> >>> Eddie
> >>
> >> Most ISPs block outbound port 25 traffic now ... only 
> allowing mail 
> >> server operation (or even normal sending of e-mail via a 
> client) to 
> >> be done out of their mail servers.
> >>
> >> I had, for many years, run a mail server on my linux box at home.
> >> Spammers (and viruses) have ruined that option for us. I 
> now have a 
> >> domain that I use for e-mail at a hosting provider, as too many 
> >> servers now block dynamic ranges and cable/dsl ranges to 
> combat spam.
> >>
> >> I have since just setup an NX desktop and use that to get 
> to my mail 
> >> at my home desktop when I am not there ... which seems to work OK.
> >
> > There are a select few ISP's still home-server friendly, one being 
> > Speakeasy.net.
> 
> +1 for Speakeasy. They also have a very active abuse desk.
> 
> Regards,
> 
> Tom
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>